Starting a business is such an exciting time in life and comes with many rewards.
However, sometimes you find out the hard way you don’t know what you don’t know. Especially when it becomes difficult to decide what insurance policies are the most important when there are more than 15 different types from general liability insurance to key person insurance to cyber liability insurance.
Each business has its own unique liability depending on what type of business it is. A small business owner running a gourmet cupcake shop for instance has different levels of insurance needs than a florist, and the florist, different from a tax accountant. One thing all of those small business owners have in common though is, they all have some sort of online presence and therefore are at extreme jeopardy for cyber attacks.
What is a Cyber Attack?
The National Institute of Standards and Technology (NIST) defines cyber attack as, “An attack, via cyberspace, targeting an enterprise’s use of cyberspace for the purpose of disrupting, disabling, destroying, or maliciously controlling a computing environment/infrastructure; or destroying the integrity of the data or stealing controlled information.” What does this mean? A cyber attack is any intentional effort to steal, disable or destroy information through unauthorized access of the internet or using one or more computers.
Types of Cyber Attacks
Cyber attacks or threats include malware, social engineering, denial of service, basic web application attacks, and privilege misuse.
Malware- Malicious software, or malware, is software code or computer program intentionally written and installed to harm computer systems. The most common is ransomware. Ransomware is a program that holds your devices and data hostage until the ransom is paid. It is estimated over 72% of businesses worldwide are affected by ransomware attacks with the median adjusted loss for those who did pay was around $46,000.
Social Engineering- The Cybersecurity & Infrastructure Security Agency states, “In a social engineering attack, an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems.” One of the main types of social engineering is called phishing. Phishing is, actually fishing for information using email or malicious websites to gain information, seemingly from a reputable company.
For instance, you receive an email appearing to be from the United States Postal Service (USPS) informing you of a “Delivery Failure Notice” and to click on the link embedded in the email to confirm your personal delivery information. This email is attempting to have you take the bait and provide personal information to a cybercriminal or when the link is opened, a harmful virus will be activated and will steal your information.
Denial of Service (DoS)- Accounting for more than 50% of incidents, the goal is to make a system, unavailable by flooding it with bot run site traffic causing a disruption of service and preventing legitimate users from accessing it, also known as crashing the site.
Basic Web Application Attacks- Using web applications (like banking systems, social media platforms, and ecommerce sites), cybercriminals use code and illegally gain access into the company’s customer database stealing personal information such as names, addresses, date of births, and social security numbers. We often hear this called a data breach.
Privilege Misuse or Privilege Abuse- When an employee with access rights or privilege to sensitive personal data in your own company, steals information such as names and contact information and either sells it, uses it to commit financial crimes, or starts a new competing business.
What is Cyber Liability Insurance?
Cyber liability insurance is designed to protect businesses against losses resulting from costly cyber attacks such as ransomware attacks, data breaches, and hacking. Although it is fairly new to the insurance industry, cyber liability is an important type of business insurance due to the rising increase in cyber assaults.
Cyber liability insurance is particularly crucial for small businesses that manage customer personal data and other sensitive information.
What Risks does Cyber Liability Insurance Cover?
Cyber liability insurance typically includes coverage of losses from the following computer- and computer system-related crimes and exposures. Policies may vary by provider and plan, the main areas that cyber liability insurance typically include:
- Hacking and Cyber Attacks
- Data Destruction, Extortion and Theft
- Stolen Electronic Computer Devices
- Online Slander or Libel
How Does Cyber Liability Insurance Help?
Cyber liability insurance protects a business with its digital, online, computer related assets and typically pays for:
- Notification expenses about a data breach
- Repairing damaged computer systems
- Lost income from an attack
- Litigation expenses
- Ransome ware/Cyber extortion expenses
- Regulatory fines from state and federal agencies
- Forensic investigations
Want More Information on Cybersecurity, Cyber Attacks, and Cyber Liability Insurance?
Check the Federal Trade Commission’s site (an official website of the US government-check the top left corner to see) on more information on Cybersecurity and Cyber Liability Insurance. This site provides more in-depth information including PDFs, videos, guides for business owners and employees, and a checklist on some tips on what your cyber liability insurance policy should cover.
Cyber Liability Insurance is a Critical Safeguard for Businesses in Today’s Digital World.
Cyber liability insurance can protect you against financial losses stemming from data breaches, cyber attacks, and other cyber related incidents. With the right policy you'll be equipped to weather rough waters and navigate the evolving cyber threat landscape with greater confidence.
Contact Windward Insurance Agency today to help you chart a safe course towards security and protect your business against cyber risks. Get a quote online or give us a call at 866-231-2433.